SupabaseS
Supabase11mo ago
Joe

Update scopes using signInWithOAuth?

Is there an example or recommended pattern for handing scope changes for a user?

Currently users sign in via the google provider with base scopes. Then later within the app there is an option to connect google drive and google sheets. The connect google sheets button is using signInWithOAuth with the additional scopes required but after clicking through the authorization screens and approving the new scopes, checking the provider token still returns the original base scopes
scopes: [
  'https://www.googleapis.com/auth/userinfo.email',
  'https://www.googleapis.com/auth/userinfo.profile',
  'openid'
]

when I expect it to return
scopes: [
  'https://www.googleapis.com/auth/userinfo.email',
  'https://www.googleapis.com/auth/userinfo.profile',
  'openid',
  'https://www.googleapis.com/auth/spreadsheets.readonly',
  'https://www.googleapis.com/auth/drive.readonly',
  'https://www.googleapis.com/auth/drive.metadata.readonly',
]


Here is the initial Oauth:
await supabase.auth.signInWithOAuth({
  provider: 'google',
  options: {
    redirectTo: `${process.env.NEXT_PUBLIC_BASE_URL}/auth/callback?redirect_to=${pathname}`,
    queryParams: {
      access_type: 'offline',
      prompt: 'consent',
    },
  },
})

And here is where I am trying to add the new scopes:
const requiredScopesString = REQUIRED_SCOPES.join(' ')
await supabase.auth.signInWithOAuth({
  provider: 'google',
  options: {
    scopes: requiredScopesString,
    redirectTo: `${process.env.NEXT_PUBLIC_BASE_URL}/auth/callback?next=/${params.org_id}/data_sources/google_sheets/new`,
    queryParams: {
      prompt: 'consent',
      access_type: 'offline',
    },
  },
})
Was this page helpful?